An Uber cyberattack exposing data on 57 million riders and drivers was hidden for a year after a $100,000 ransom was paid, and now has led to the firing of the company's chief security officer and a deputy, several news sites reported.

The information stolen in the October 2016 hack included the names, email addresses, and phone numbers of 50 million Uber riders, along with the personal information of about seven million drivers, Uber officials told Bloomberg. Driver's license information for some 600,000 drivers was also swiped.

Two hackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company.

That is where hackers found rider and driver information, then demanded money from Uber, the company said.

"None of this should have happened, and I will not make excuses for it," Dara Khosrowshahi, Uber's chief executive officer, said in a company statement.

Joe Sullivan, the outgoing security chief, who spearheaded the response to the hack last year, and Craig Clark, a senior lawyer who reported to Sullivan, were fired, Bloomberg said.

Khosrowshahi, who replaced Uber co-founder and former chief executive officer Travis Kalanick in August, acknowledged that the company failed to disclose the hack to drivers, customers, and regulators.

He said he asked Matt Olsen, co-founder of a cybersecurity consulting firm and former general counsel of the National Security Agency, to help the company move forward; notify the drivers whose driver's license numbers were downloaded; offer free credit monitoring and identity theft protection to those affected; and contact regulators.

Some drivers said, though, that still do not know the full impact of the hack on them, The Guardian reported.

"The hack and the cover up is typical Uber only caring about themselves," Robert Judge, an Uber driver in Pittsburgh, told the Guardian, adding he had yet to receive any communication from the company. "I found out through the media. Uber doesn't get out in front of things, they hide them."

An Uber cyberattack exposing data on 57 million riders and drivers was hidden for a year after a $100,000 ransom was paid, and now has led to the firing of the company's chief security officer and a deputy, several news sites reported.